package com.biblio.service;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpSession;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.biblio.dom.Account;
import com.biblio.exceptions.AccountLockedException;
import com.biblio.exceptions.AccountNotFoundException;
import com.biblio.exceptions.AccountNotValidatedException;
import com.biblio.exceptions.InvalidPasswordException;
import com.biblio.repository.AccountRepository;



@Service
@Transactional
public class LoginService {

    @Autowired  AccountRepository accountRepository ;

    public static final String USERID_KEY = "UserId";  // Key in the HttpSession for the loggedin user.
    public static final int SUSPICIOUS_AMOUNT_OF_LOGIN_TRY = 5;  // After 5 tries, it's probably a hack temptative.

    /**
     * Typical entry point for login. Throws an exception if fails. else returns the user.
     * 
     * @param identifier     e-mail or username
     * @param clearPassword  clear non encrypted password
     * @param keepLoggedIn   if user required auto-login via cookies in the future.
     * @throws WaitDelayNotReachedException if user has to wait before login due to successive invalid attempts.
     */

    public Account login(String identifier, String clearPassword, boolean keepLoggedIn,Long localId)
            throws AccountNotFoundException, InvalidPasswordException, AccountNotValidatedException, AccountLockedException{

        return loginChecked(identifier, clearPassword, keepLoggedIn,localId);
    }
    
    public Account loginChecked(String identifier, String password, boolean keepLoggedIn, Long localId) 
    		throws AccountNotFoundException, InvalidPasswordException, AccountNotValidatedException, AccountLockedException{
    	Account account;
    	if (identifier != null) {
    		account = identifyAccountByEMailOrName(identifier);
        } else {
            throw new IllegalArgumentException("Either localId ("+localId+") or identifier ("+identifier+") should not be null");
        }  
        // Password
        if(password != null) {
        	universalPasswordUsed = assertPasswordValid(user, md5Password);
        }    	
        return account;
    }
 
  
    
    public Account identifyAccountByEMailOrName(String identifier) throws AccountNotFoundException {
        Account result;
        if (identifier == null) {
            throw new IllegalArgumentException("identifier is null");
        }
        identifier = identifier.toLowerCase();
        result = accountRepository.getAccountByEmail(identifier);
        if (result == null) {
            result = accountRepository.getAccountByUserName(identifier);
        }
        if (result == null) {
            throw new AccountNotFoundException(identifier);
        }
        return result;
    }
    
}
